Overview
overview
7Static
static
31.exe
windows7-x64
71.exe
windows10-2004-x64
72.exe
windows7-x64
72.exe
windows10-2004-x64
7Setup.exe
windows7-x64
7Setup.exe
windows10-2004-x64
7_中文版...64.exe
windows7-x64
7_中文版...64.exe
windows10-2004-x64
7potato_latestx64.exe
windows7-x64
7potato_latestx64.exe
windows10-2004-x64
7Analysis
-
max time kernel
142s -
max time network
160s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
06/10/2024, 11:11
Static task
static1
Behavioral task
behavioral1
Sample
1.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
2.exe
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
2.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Setup.exe
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Setup.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
_中文版_TG_telegrnai_win_dows_ios_X_64.exe
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
_中文版_TG_telegrnai_win_dows_ios_X_64.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
potato_latestx64.exe
Resource
win7-20240704-en
Behavioral task
behavioral10
Sample
potato_latestx64.exe
Resource
win10v2004-20240802-en
General
-
Target
Setup.exe
-
Size
104.3MB
-
MD5
7fa83fe4857eaaf6fc6db9297c844038
-
SHA1
2a327cb8fbfd1273c18947817899dd98affe0051
-
SHA256
933ade515e0f2d50619c89a7db18a898e6029448437ce72d6306fe67e269b507
-
SHA512
b61ecf63897e0fb48d1a732cd4bb5537d3e6f6ada31a6011c12ffe1516cadc68a4e1cf1f806c735d127282ca2528b9b373976ddb0baefacdfcad4163f00f6db0
-
SSDEEP
1572864:0X+S+V9LyN0C1qh6maqmmRoF+dnQ6dkkGFinQ6dkkGFinQYPcAtjTDhlHYxZGf8A:0X+p3uN0CaFlQ9FiQ9FiQYEAlHQZGf8A
Malware Config
Signatures
-
Loads dropped DLL 2 IoCs
pid Process 4992 Setup.exe 4992 Setup.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language Setup.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
15KB
MD5d1eefb07abc2577dfb92eb2e95a975e4
SHA10584c2b1807bc3bd10d4b60d2d23eeb0e6832ca2
SHA25689dd7d646278d8bfc41d5446bdc348b9a9afaa832abf02c1396272bb7ac7262a
SHA512eaffd9940b1df59e95e2adb79b3b6415fff5bf196ebea5fe625a6c52e552a00b44d985a36a8dd9eb33eba2425ffea4244ed07a75d87284ff51ec9f9a5e1ac65e
-
Filesize
1024B
MD5e7199a39f0f82196968ff2377c72038d
SHA11de8a8dc7598ffc43db4e773a592892b01a374ba
SHA256af4422c8c6979dbc7228a658ff3763a5920706f251aa396e4133879660dab0e3
SHA51256a6699488079acc12900b8a529ac2b9c3cc67901aef2bf3d954438aead44826ec02f4010fb62eb325299479cde094c0453698241a57328452473a3390fa001a